Related bugs

Related blueprints

Branch information

Recent revisions

* src/libecryptfs/key_management.c: LP: #725862
- fix nasty bug affecting users who do *not* encrypt filenames;
the first login works, but on logout, only one key gets
cleaned out; subsequent logins do not insert the necessary key
due to an early "goto out"

debian/rules, debian/control: disable the gpg key module,
as it's not yet functional; does more harm than good to build it;
should not be in 10.04 LTS; clean up build-deps; also, not using
opencryptoki either; unbreak the build for 32-bit Lucid

[ Dustin Kirkland ]
* src/utils/ecryptfs-migrate-home: clean up for merge
- use $() rather than ``
- drop set -u
- use = and !=, and quote vars, rather than testing with -ne, -eq,
for better shell portability
- improve usage statement and error text
- check if already encrypted
- handle migration of multiple users on boot
- fix all whitespace, use tabs for indents
- use quotes around variables, rather than ${} (stylistic preference)
- major simplification for immediate release
+ remove boot and user modes; only support administrator mode for
security reasons and to avoid race conditions
+ other modes can be re-added, if necessary, and if security
concerns can be addressed
- ensure running as root
- drop VERBOSE option, always print useful info messages
- call the user $USER_NAME rather than $USER_ID since id implies
number, and here we're deailing with names
- no decimals on awk calculation
- mktemp on the target user, not root
- check that there is enough disk space available to do the migration
- ensure the user's homedir group is correct
- add critical instructions, user *must* login after the migration and
before the reboot, as their wrapped passphrase will be cleared on
reboot (possible we should use an init script to move these to
/var/tmp on reboot)
- ensure permissions are set correctly
- improve text at the end of the migration, organize into notes
* ecryptfs-utils.ecryptfs-utils-restore.upstart,
ecryptfs-utils.ecryptfs-utils-save.upstart, rules:
- try to protect migrating users who don't login before the next reboot
* debian/ecryptfs-utils.install: install the locale messages
* src/desktop/ecryptfs-record-passphrase: improve dialog text
* src/desktop/ecryptfs-record-passphrase: revert the _ bit, as it's not quite
working yet, will need to talk to David to fix
* Mark LP: #471725 as fixed

src/utils/ecryptfs-setup-private: fix bug where setup-private
incorrectly assumed that the home/private dir ownerships should
be owned by USER:USER; instead, default to USER:GROUP, where
GROUP is the USER's primary group by default, cherry-pick upstream
r463, LP: #445301